Adobe Acrobat vulnerabilities

1,356 known vulnerabilities affecting adobe/acrobat.

Total CVEs

1,356

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL540HIGH476MEDIUM316LOW24

Vulnerabilities

Page 33 of 68

CVE-2017-2951HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2951 [HIGH] CWE-416 CVE-2017-2951: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2954HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2954 [HIGH] CWE-119 CVE-2017-2954: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2963HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2963 [HIGH] CWE-119 CVE-2017-2963: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to handling of the color profile in a TIFF file. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2949HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2949 [HIGH] CWE-119 CVE-2017-2949: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the XSLT engine. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2939HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2939 [HIGH] CWE-119 CVE-2017-2939: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing a malformed cross-reference table. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2948HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2948 [HIGH] CWE-119 CVE-2017-2948: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2956HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2956 [HIGH] CWE-416 CVE-2017-2956: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to manipulation of the navigation pane. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2942HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2942 [HIGH] CWE-119 CVE-2017-2942: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when processing TIFF image data. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2950HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2950 [HIGH] CWE-416 CVE-2017-2950: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2957HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2957 [HIGH] CWE-416 CVE-2017-2957: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the JavaScript engine, related to collaboration functionality. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2965HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2965 [HIGH] CWE-119 CVE-2017-2965: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2959HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2959 [HIGH] CWE-119 CVE-2017-2959: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2941HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2941 [HIGH] CWE-119 CVE-2017-2941: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing Compact Font Format data. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2960HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2960 [HIGH] CWE-119 CVE-2017-2960: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2945HIGHCVSS 7.8≤ 11.0.182017-01-11

CVE-2017-2945 [HIGH] CWE-119 CVE-2017-2945: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability when parsing TIFF image files. Successful exploitation could lead to arbitrary code execution.

nvd

CVE-2017-2947MEDIUMCVSS 5.5≤ 11.0.182017-01-11

CVE-2017-2947 [MEDIUM] CWE-20 CVE-2017-2947: Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlie Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have a security bypass vulnerability when manipulating Form Data Format (FDF).

nvd

CVE-2016-4095CRITICALCVSS 9.8≤ 11.0.172016-11-10

CVE-2016-4095 [CRITICAL] CWE-119 CVE-2016-4095: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

nvd

CVE-2016-7854CRITICALCVSS 9.8≤ 11.0.172016-10-21

CVE-2016-7854 [CRITICAL] CVE-2016-7854: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7852CRITICALCVSS 9.8≤ 11.0.172016-10-21

CVE-2016-7852 [CRITICAL] CVE-2016-7852: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

CVE-2016-7853CRITICALCVSS 9.8≤ 11.0.172016-10-21

CVE-2016-7853 [CRITICAL] CVE-2016-7853: Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-6940, CVE-2016-6941

nvd

← Previous33 / 68Next →